OwlTail

Cover image of Purple Squad Security

Purple Squad Security

Information Security, InfoSec, CyberSec, Cyber, Security, whatever you call it, we talk about it! From mobiles and desktops to data centers and the cloud, Purple Squad Security is here to help and give back to our community of information security professionals. We cover security topics for the red team, blue team, purple team, whatever team! We are a community of professionals, and this is one man's attempt to give back. CISSP, CISM, CEH credits can be obtained here! Also happy to provide info for OSCP, OSCE, and other Offensive Security certified professionals.

Popular episodes

All episodes

The best episodes ranked using user listens.

Podcast cover

Episode 39 – John’s OSCP Journey

Over the past few months, John has been working on obtaining his OSCP certification.  Recently he attempted and successfully passed the exam!  In this episode he goes over his journey, what he learned as well as a few tips to help those attempting this rather difficult certification. Some links of interest: Penetration Testing - A Hands On Introduction to Hacking - https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641 Web Application Hacker's Handbook 2nd Edition - https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470 OSCP Prep: https://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob https://github.com/burntmybagel/OSCP-Prep http://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/ https://medium.com/@andr3w_hilton/oscp-training-vms-hosted-on-vulnhub-com-22fa061bf6a1 https://tulpa-security.com/2016/09/19/prep-guide-for-offsecs-pwk/ VulnHub - https://www.vulnhub.com/ HackTheBox - https://www.hackthebox.eu/ Infosec Mastodon - https://infosec.exchange/auth/sign_up Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Patreon - https://www.patreon.com/purplesquadsec Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

58mins

16 Sep 2018

Rank #1

Podcast cover

Episode 22 – Open Source Intelligence Techniques with Michael Bazzell

Nothing helps out security more than information.  Heck, it's the first part of our professions name!  In Infosec, knowledge is key and sometimes we need to roll up our sleeves to get the information we need from various open source outlets.  I'm fortunate to have as a guest on this episode the man who literally wrote the book on OSINT techniques, Michael Bazzell.  We discuss OSINT techniques as well as his recently updated book.  Have yourself a listen and hear the advice Michael has for starting your own OSINT adventures. Some links of interest: https://inteltechniques.com/ Open Source Intelligence Techniques, 6th Edition Buscador - OSINT OS https://michaelbazzell.com/forum.html Want to reach out to the show?  There's a few ways to get in touch! Show's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Podcast Website: purplesquadsec.com Sign-Up for our Slack community: https://signup.purplesquadsec.com John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic Thanks for listening, and I will talk with you all again next time. Find out more at http://purplesquadsec.com

33mins

4 Mar 2018

Rank #2

Similar Podcasts

Podcast cover

Episode 20 – Physical Penetration Testing with Jek Hyde

Not all penetration testing is done in a virtual setting or even through a phone call.  Sometimes you need to get down and dirty and actually interact with people.  In this very special episode I sit down and speak with the great Jek Hyde about physical penetration testing and everything that it entitles.  It's a fascinating talk for sure, and one you don't want to miss. Some links of interest: Jek's Motherboard Article IntelTechniques.com Open Source Intelligence Techniques (Book) Google Hacking Database (Google Dorks) redteamtools.com @HydeNS33k Want to reach out to the show?  There's a few ways to get in touch! Show's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Podcast Website: purplesquadsec.com Sign-Up for our Slack community: https://signup.purplesquadsec.com John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic Thanks for listening, and I will talk with you all again next time. Find out more at http://purplesquadsec.com

53mins

18 Feb 2018

Rank #3

Podcast cover

Episode 57 – Tinker After Dark – Tinker Tales by the Fire

There were more than a few of you who were anxiously awaiting his return, and he's back!  Tinker joins me once again to share some stories from his adventures in hackerland.  In addition, I have given Tinker free reign to speak as he chooses, and naturally I participate as well.  Fair warning, this is not safe for work or sensitive ears.  I do ask that you try not to be offended, as his stories and reflections on those events makes for one excellent episode. Some links of interest: Tinker's Fediverse Account: @tinker@infosec.exchange Tinker's Twitter Account: @TinkerSec Tinker's Blog: https://tinker.sh SecLists: https://github.com/danielmiessler/SecLists Cyber City Conference: https://www.cybercityconf.io/ Cyber City Conference CFP: https://www.papercall.io/cybercityconf We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale: https://purplesquadsec.com/store Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Patreon - https://www.patreon.com/purplesquadsec Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

1hr 20mins

9 Jun 2019

Rank #4

Most Popular Podcasts

Podcast cover

Episode 004 – A Day In The Life Of A Red Teamer With Mark Kikta

Red Teams.  For some, it's the "frenemy".  For others, it's the greener grass on the other side of the defence wall.  In this episode I spend some time speaking with security consultant Mark Kikta about Red Teaming.  Mark has been a Red Teamer for a while and has a lot of experience to share.  We talk about a number of different things, share some laughs and try to shed some light on an often misunderstood group. Mark has also graciously offered to hang out in our Slack channel!  Just message @mark to get in touch with him if you have questions or just want to say "hey". Some links of interest: CircleCityCon - Seeing Purple Hybrid Security Teams for the Enterprise Time Based Security Slack Sign-Up Link: https://signup.purplesquadsec.com Want to reach out to the show?  There's a few ways to get in touch! Show Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Website: purplesquadsec.com Slack Sign-Up Link: https://signup.purplesquadsec.com John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic Thanks for listening, and I will talk with you again next time! Find out more at http://purplesquadsec.com

50mins

24 Sep 2017

Rank #5

Podcast cover

Episode 64 - Fireside Chat with Tanya Janca

I'm trying a slightly different format for the next few episodes, and I'd appreciate any feedback you may have. In this episode I sit down with the amazing Tanya Janca for a fireside chat about her new company, Security Sidekick. They seem to have some pretty ambitious goals, and I couldn't think of anyone better to help make those a reality. Some links of interest: For Tanya: Tanya's Twitter: https://twitter.com/shehackspurple Tanya's Dev.to Profile: https://dev.to/shehackspurple Tanya's Blog: https://medium.com/@shehackspurple Tanya's YouTube Profile: https://www.youtube.com/shehackspurple Tanya's Twitch Channel: https://www.twitch.tv/shehackspurple Tanya's LinkedIn Profile: https://www.linkedin.com/in/tanya-janca For Security Sidekick: Website: https://securitysidekick.dev Twitter: https://twitter.com/SecSidekick YouTube Channel: https://www.youtube.com/channel/UC3KyuI83jt0l14q8xyffC2A Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Podcast Store: https://purplesquadsec.com/store Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

50mins

3 Nov 2019

Rank #6

Podcast cover

Episode 005 – #DFIR to Someone Else

Digital Forensics and Incident Response - DFIR.  The mere mention of the acronym brings forth memories of CSI, plastic bags and agents in suits coming to collect all manner of evidence.  In this episode I speak with Jonathon Poling, a DFIR expert who has graciously agreed to talk DFIR with me!  Another great listen, Jonathon has a lot of great experience in the field and much to share.  Have yourself a listen! Some links of interest: Jonathon's Blog: http://ponderthebits.com/ Jonathon's Twitter: @JPoForenso Slack Sign-Up Link: https://signup.purplesquadsec.com Want to reach out to the show?  There's a few ways to get in touch! Show Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Website: purplesquadsec.com Slack Sign-Up Link: https://signup.purplesquadsec.com John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic Thanks for listening, and I will talk with you again next time! Find out more at http://purplesquadsec.com

1hr 3mins

1 Oct 2017

Rank #7

Podcast cover

Episode 49 – The Red Team Life with Curtis Brazzell

What is a red team?  How does it differ from a penetration tester's day-to-day?  How do red teams stay sharp?  How do they stay motivated?  These are a few of the questions I seek to have answered by Curtis Brazzell, a managing Security Consultant at Pondurance.  It's a great interview and sheds light on the difference between red teaming and penetration testing. Some links of interest: Curtis' Twitter: https://twitter.com/CurtBraz Curtis' LinkedIn Profile: https://www.linkedin.com/in/curtisbrazzell/ Pondurance Website - https://www.pondurance.com/ We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale: https://purplesquadsec.com/store Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Patreon - https://www.patreon.com/purplesquadsec Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

34mins

3 Feb 2019

Rank #8

Podcast cover

Episode 66 - Fireside Chat with Adrian Cheek

Adrian Cheek stops by the show this week to have a nice fireside chat with me. We talk about passive DNS, which Adrian first introduced to me a few years ago, and then move on to threat hunting. Adrian has a very interesting history and it was a joy to speak with him. Some links of interest: Adrian's Twitter: @Outkast_TI Farsight Passive DNS - https://www.farsightsecurity.com/solutions/dnsdb/ Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Podcast Store: https://purplesquadsec.com/store Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

42mins

1 Dec 2019

Rank #9

Podcast cover

Episode 58 – Malware Analysis with Kyle Andrus

Often times in information security, we look upon penetration testing and red teaming with awe and view those professions as the "sexy" side of security.  Truth be told, the defensive side has a lot of exciting opportunities as well!  Kyle Andrus joins me this week to talk about malware analysis, which I think is definitely one of the sexier sides of defense. Some links of interest: Practical Malware Analysis Book - https://nostarch.com/malware Cuckoo Sandbox - https://cuckoosandbox.org/ CyberChef - https://gchq.github.io/CyberChef/ Leny Zeltser's Blog - https://zeltser.com/blog/ Journey Into Incident Response - http://journeyintoir.blogspot.com/ Malware Unicorn's Reverse Engineering Workshop - https://malwareunicorn.org/#/workshops MiSec - https://www.misec.us/ Kyle's Twitter Account: @chaoticflaws Want to hear about a new Infosec con?  If you're in and around the Waterloo region area in October, why not check out Cyber City!  This is Waterloo region's premier information security conference.  Tickets are on sale now and the CFP is open until July 31st, 2019.  Don't wait, and come participate today!   Cyber City Conference: https://www.cybercityconf.io/ Cyber City Conference CFP: https://www.papercall.io/cybercityconf We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale: https://purplesquadsec.com/store Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Patreon - https://www.patreon.com/purplesquadsec Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

43mins

23 Jun 2019

Rank #10

Podcast cover

Episode 67 - A casual conversation with Snow

Snow stops by during the winter months to share with us the true origin of her hacker handle, stories from some physical penetration testing, a quick note on her Kringlecon talk, and so much more! A great way to round out the year! Some links of interest: Snow's Twitter: @_sn0ww Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Podcast Store: https://purplesquadsec.com/store Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

48mins

15 Dec 2019

Rank #11

Podcast cover

Episode 50 – Tabletop D&D with Tim De Block, Ed Rojas, Daniel Ebbutt, and Kyle Andrus

It's that time again!  Yes, another Tabletop D&D episode is upon us!  This time I asked Timothy de Block from the Exploring Information Security podcast to join me, along with a few interesting characters.  Let's just say this particular episode is not for the faint of heart, and we have a few swears thrown in to keep with the atmosphere.  Enjoy! Some links of interest: Exploring Information Security Podcast: https://www.timothydeblock.com/eis/ Tactical Edge: https://tacticaledge.co/index_en.html Tactical Edge Twitter: @Tactical3dge Kyle's Twitter: @chaoticflaws Ed's Twitter: @edgarr0jas Daniel's Twitter: @notdanielebbutt Tim's Twitter: @timothydeblock Tabletop Scenarios Twitter: @badthingsdaily We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale: https://purplesquadsec.com/store Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Patreon - https://www.patreon.com/purplesquadsec Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

1hr 29mins

17 Feb 2019

Rank #12

Podcast cover

Episode 53 – #Ginfosec with @InfoSecSherpa – All About Cons!

Once again I am pleased to share a #ginfosec episode with the woman who helps guide others through the mountains of infosec, Tracy InfoSecSherpa Maleeff!  In this extended episode Tracy and I speak about conferences from the attendee point of view; what to expect, what to bring, how to go, and what you should aim to get from the con.  Enjoy! Some links of interest: Tracy's Twitter: @InfoSecSherpa Sign up for Tracy's Nuzzle Newsletter: https://nuzzel.com/InfoSecSherpa Study on different note taking techniques: https://www.scientificamerican.com/article/a-learning-secret-don-t-take-notes-with-a-laptop/ Tracy's Unusual Journey into Infosec: https://www.secjuice.com/infosecsherpa-unusual-journeys/ Tracy's Talk at BSides NoVa - Networking with Humans: https://www.youtube.com/watch?v=bbfyXTZCVC0 We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale: https://purplesquadsec.com/store Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Patreon - https://www.patreon.com/purplesquadsec Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

1hr 37mins

14 Apr 2019

Rank #13

Podcast cover

Episode 56 – John Reads: Choose Your Own Red Team Adventure

A few weeks ago, Sam King on Twitter mentioned me in a tweet that included a link to a Medium post, but not just any Medium post.  Tim MalcomVetter had posted up an "Choose Your Own Red Team Adventure", which I thought was just amazing!  I used to read a lot of choose your own adventure books as a kid, so I was naturally excited!  For this episode, I will be going through the story the first time, reading aloud as I try my hand at red teaming against a customer.  I hope you enjoy! Some links of interest: Choose Your Own Red Team Adventure - https://medium.com/@malcomvetter/choose-your-own-red-team-adventure-f87d6a3b0b76 Tim MalcomVetter's Twitter - @malcomvetter We have a new store!  Come check out the various Purple Squad Security goods you can buy to share your following and help the show.  From stickers to mugs, we have a few items up for sale: https://purplesquadsec.com/store Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Patreon - https://www.patreon.com/purplesquadsec Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

32mins

26 May 2019

Rank #14

Podcast cover

Episode 008 – IAM Securing AWS with J Cole Morrison

The cloud.  The final frontier.  Well, not exactly but it is a pretty important topic in today's IT environment.  Unfortunately 2017 has been the year of leaks, hacks, and misconfigurations when it comes to the cloud.  Amazon Web Services (AWS) is the cloud provider with the most market share, but its security configuration can leave a bit to be desired. J Cole Morrison joins me this week to discuss IAM policies in AWS, what they are and why they are important.  Cole has written about IAM policies on his blog (link below), which I encourage everyone to read. Some links of interest: Cole's IAM Blog Article: AWS IAM Policies in a Nutshell Cole's Website: https://start.jcolemorrison.com/ Cole's Twitter: @JColeMorrison AWS DevOps: https://awsdevops.io/ Want to reach out to the show?  There's a few ways to get in touch! Show Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Website: purplesquadsec.com Slack Sign-Up Link: https://signup.purplesquadsec.com John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic Thanks for listening, and I will talk with you again next time! Find out more at http://purplesquadsec.com

32mins

22 Oct 2017

Rank #15

Podcast cover

Episode 009 – Detecting Intruders on AWS with Scott Piper

The old saying of a defender has to be right 100% of the time while an attacker only has to be right once is growing a bit tired.  Now blue team members should be measured not by keeping the attackers out, but by how quickly they can find out that they're on your network. Scott Piper joins me this week to discuss how we can detect intruders in your AWS cloud infrastructure.  We cover a lot of different tools and techniques that you can use to help detect intruders, and some mitigation strategies to help reduce the risk when an attack is successful. Some links of interest: ElastAlert: https://github.com/Yelp/elastalert StreamAlert: https://github.com/airbnb/streamalert Prowler: https://github.com/Alfresco/prowler Security Monkey: https://github.com/Netflix/security_monkey AWS Billing Alerts: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/free-tier-alarms.html jq (for JSON parsing on the CLI): https://stedolan.github.io/jq/ Summit Route: https://summitroute.com/ Downclimb: https://summitroute.com/blog/ Scott's Twitter: @SummitRoute Want to reach out to the show?  There's a few ways to get in touch! Show Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Podcast Website: purplesquadsec.com Sign-Up for our Slack community: https://signup.purplesquadsec.com John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic Thanks for listening, and I will talk with you again next time! Find out more at http://purplesquadsec.com

42mins

29 Oct 2017

Rank #16

Podcast cover

Episode 45.1 – Holiday Special – Storytime with Tinker – NO MUSIC!!!

Hey everyone, this is a re-release of episode 45 with Tinker, but this one is WITHOUT the background music.  I hope this makes up for the snafu in an otherwise great interview! Happy December everyone!  Whatever holiday you may be celebrating this season, may it be enjoyable.  I've decided for the month of December to treat myself, by having a bunch of people I hold in high regard to join me in sharing of their tales, similar to the fireside chats I've had in the past.  We have no set agenda, we have no set time, but we do plan on sharing some fun stories that hopefully you will enjoy. So consider this a holiday gift my dear listener, and I hope you find it as enjoyable as I do. This episode we are going to have a man whom I honestly believe should write as many books as possible, and provide audiobook versions as well, the one and only Tinker! Some links of interest: Tinker's Website: https://www.tinker.sh/ Dallas Hackers - https://dallashackers.com/ Popular Mechanics Article - https://www.popularmechanics.com/technology/a24676415/dallas-hackers/ Tinker's Twitter: @tinkersec Tinker's Mastodon - @tinker Infosec Mastodon - https://infosec.exchange/auth/sign_up Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere John's Mastodon: https://infosec.exchange/@JohnsNotHere Podcast Website: purplesquadsec.com Patreon - https://www.patreon.com/purplesquadsec Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

1hr 6mins

13 Dec 2018

Rank #17

Podcast cover

Episode 010 – Crowdsourced Pen Testing w/ Jason Haddix of Bugcrowd

Penetration testing.  If you're in the information security field, you have run into your fair share of them.  Now there seems to be a trend with penetration testing moving to a crowdsourcing model.  This week I speak with Jason Haddix of Bugcrowd to explore why that is, what's the draw and how are companies like Bugcrowd helping build the infosec community. Some links of interest: Bugcrowd: https://www.bugcrowd.com/ HackerOne: https://www.hackerone.com/ HackTheBox: https://www.hackthebox.eu/ Bugcrowd Report: The 2017 State of Bug Bounty Bugcrowd's Twitter: https://twitter.com/Bugcrowd Want to reach out to the show?  There's a few ways to get in touch! Show Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Podcast Website: purplesquadsec.com Sign-Up for our Slack community: https://signup.purplesquadsec.com John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic Thanks for listening, and I will talk with you again next time! Find out more at http://purplesquadsec.com

42mins

12 Nov 2017

Rank #18

Podcast cover

Episode 36 – The Joy of CTFs with Derek Rook

Capture The Flag games, or CTFs, are a popular way for infosec pros to brush up on the offensive skills.  From VulnHub to HackTheBox, there are a few different ways to quote "get your hack on"!  Derek Rook (@_r00k_) joins me today to talk about CTFs and how they can assist in your Infosec journey, regardless of your role. Some links of interest: Derek's YouTube Channel - https://www.youtube.com/channel/UCMACXuWd2w6_IEGog744UaA Derek's Twitch Stream - https://www.twitch.tv/r00k_infosec ippsec's YouTube Channel - https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA LiveOverflow YouTube Channel - https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w Mub1x's Twitch Stream - https://www.twitch.tv/mub1x CCDC (US) - http://www.nationalccdc.org/ CCDC (Canada) - https://www.cyberdefencechallenge.ca/ SANS Holiday Hack Challenge - https://holidayhackchallenge.com/past-challenges/ Open2All CTF team - https://www.reddit.com/r/OpenToAllCTFteam/ CTF Time - https://ctftime.org/ Derek's Twitter - https://twitter.com/_r00k_ Want to reach out to the show?  There's a few ways to get in touch! Purple Squad Security's Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Podcast Website: purplesquadsec.com Sign-Up for our Slack community: https://signup.purplesquadsec.com Thanks for listening, and as always, I will talk with you all again next time. Find out more at http://purplesquadsec.com

45mins

29 Jul 2018

Rank #19

Podcast cover

Episode 003 – Just the Equifax ma’am

Equifax had the largest data breach this year, possibly ever!  How could I possibly pass up this opportunity to discuss what happened?  How did it happen and what lessons could we learn from it?  Equifax did a lot of things wrong for sure, but that doesn't mean that we should throw stones.  Especially given how many of us live in glass houses. Have a listen as I explore the Equifax breach from another perspective, in the hopes of salvaging something of use for others in the infosec community. Some links of interest: https://www.equifaxsecurity2017.com/ Equifax Bitcoin Ransom Krebs On Security - Equifax Breach Response Turns Dumpster Fire Apache Foundation Responds to Struts Vulnerability Confirmation CVE-2017-5638 Details OWASP Maven Dependency Checker Wappalyzer Browser Plug-In Want to reach out to the show?  There's a few ways to get in touch! Show Twitter: @PurpleSquadSec John's Twitter: @JohnsNotHere Website: purplesquadsec.com Slack Sign-Up Link: https://signup.purplesquadsec.com John's Peerlyst Profile: https://www.peerlyst.com/users/john-svazic Thanks for listening, and I will talk with you again next time! Find out more at http://purplesquadsec.com

45mins

17 Sep 2017

Rank #20